For years we have been recommending leaving AOL and Yahoo behind, initially due to their poor spam control and the abundance of ads they subject you to. We also see many Yahoo email accounts being hacked, and AOL is not much better. Let’s face it, if you have an AOL email address you are officially 2000 and late…
The horrifying outcome (and yes, horrifying is the right word) of this inundation of ads by these providers is the lack of policing of the content. Now the worst virus for home and business users alike is spreading like wildfire.
CryptoWall V2.0 now uses poisoned ads on dozens of major sites like Yahoo, AOL and Match.com to infect networks. Malicious ads are nothing new in themselves, but second-gen ransomware using them is worrisome.
Reports show that the sites themselves were not compromised; rather, the advertising networks upon which they relied for dynamic content were inadvertently serving malware. This means a so-called drive-by-download where the user does not have to click on anything. Up to now, CryptoWall was spread via spam with infected email attachments and download links sent by the Cutwail botnet.
The website visitors hit by this malvertising are people who run unpatched versions of Adobe Flash. The poisoned ads silently ‘pull in’ malicious exploits from the FlashPack Exploit Kit, hence the “drive-by-downloads”.
According to security researchers at Dell SecureWorks, more than 830,000 victims worldwide have been infected with ransomware, a 25% increase in infections since late August when there were 625,000 victims.
The first ransom usually has a deadline of 4-7 days and demands about $500. Even the bad guys understand it’s not always easy to get your hands on Bitcoins quickly. But when this first deadline is not made, the ransom doubles to roughly $1,000, depending on Bitcoin exchange rates.
Counting the ransom payments to CryptoWall’s Bitcoin addresses, Proofpoint estimates that the attackers make $25,000 per day. Recent data taken directly from the CryptoWall ransom payment server shows since August 2014 an additional 205,000 new victims have been claimed.
Want to know how well your practice or business is protected from today’s and tomorrow’s ever-evolving threats?
Let us provide your small business with a comprehensive security and threat assessment and get your security holes patched and vulnerable software updated.
Additionally we can install our CryptoInoculator software to help stop this virus before it infects your home or business network and causes irreparable damage to your pictures, documents, spreadsheets etc.
Find yourself with a new Windows 8 or 8.1 computer and wish you could take a chainsaw to it?
Are you tired of living in the land of apps when all you really want is a desktop?
Isn’t it great to have a touch screen designed interface on a device sold without a touch screen!
Do you just wish they left well enough alone and you could hop back to an experience you are familiar with?
$40.00: Windows 8/8.1 optimization and tweaking package promo.
Computer Doctor of Hampden is offering a special package which will optimize the performance of your computer, return your desktop to its rightful place, and give you a real start button! Don’t worry, your Apps will still be around, just not in your face as much. While we have your system in the shop we will do a free hardware check and have a look at your security software.
The last thing most people think about when they unpack their shiny new Windows computer is… “Man, I really need to get a great security package on this computer before I start using it on the internet”. The fact is most people fly through all the initial prompts during setup and end up agreeing to everything in a mad dash to the desktop, and yes there really is a desktop in Windows 8!
I mention antivirus software because we have been seeing a recent trend of Windows 8 viral infections. While the actual virus that cripples the machine varies in each case, the one unifying thread is the fact that their Norton Antivirus 30 day trial had expired within the last 7 days.
One problem with the bundled antivirus is that it will disable the native (poorly rated) Windows Defender. That leaves folks wide open for malware infections.
If you are plagued with pop ups, stymied by internet searches bringing lousy results and being redirected to the last places you want to be, chances are you may have a malware problem. Many times Computer Doctor can remotely connect to your computer, clean the infection, optimize and tweak the performance of the computer, clean out the garbage software, fix the issues with your web browsers and install a new antivirus solution without the computer ever leaving your home or office.
The world of the iPhone is about to get even larger with the introduction of the iPhone 6. Apple is reportedly going to have two different iPhone models this coming September. One of the models will sport a 4.7″ screen, which is an increase of almost an inch from the current iPhone 5C and 5S. This phone will also have a refreshed look and upgraded internals to make this a faster iPhone overall. For all of you picture and video lovers out there, we have not heard much along the lines of an upgraded camera. However, it is reported that it could get some improved sensors and possibly a 10 or 16 megapixel camera. As for the second iPhone model, it seems that Apple is going to release an iPhone 6 (Maybe 6S?) with a 5.5″ screen. This is perfect for those who might have trouble seeing or for those who love larger screens. This version of the iPhone could also have longer battery life than the 4.7″ model and faster internal parts. If you would like to check out all of the latest rumors on the iPhone 6, go to 9to5mac.com
Here at the Computer Doctor, we will have you covered in the unfortunate case that you crack your iPhone 6. We will gladly fix your iPhone at any point during the week with a short turnaround time. Our trained iPhone Doctor will have your phone fixed by the day after you bring it in.
Summer is right around the corner, get your broken devices up to par for vacations and outdoor fun. I admit it, the iDevices are cool and deliver on what they promise, with a straight forward interface and the largest selection of applications on earth. Unfortunately, gravity is their nemesis. Cases have come a long way, but accidents happen and when they do your digital companion often gets stuffed in a drawer instead of coming along for the ride.
For the month of June we are offering our iPod touch/iPad screen digitizer repairs starting @ $99.00. This is a $30 savings over our usual pricing. Bring your device in for a free damage inspection and receive an exact quote for your model. We also offer data recovery and transfer for devices that are unable or not cost effective to repair.
The clock has ticked and the days are numbered for Windows XP. Since October 2001 the operating system had taken the world by storm. With only a few weeks left of support from Microsoft, Windows XP still holds over 25% of the Windows Operating system user base.
While no one is sure exactly what will happen when regular security patches are no longer being sent from Microsoft, the general consensus is that exploits are being stockpiled to target the operating system. Without the regular updates and support from many third party vendors, the already vulnerable operating system may become unstable and become a security risk to your home or business network.
Should you upgrade your current system or replace it? Good questions. There are many computers that came with XP that can comfortably run a more modern and secure operating system. Here are some guidelines:
How old is your computer? It is 2014, yes I know that doesn’t seem possible, but it is. How long have you had your computer and have you done any upgrades? If your computer is over 6 years old and has had no upgrades, it is time to move on.
What type of processor do you have? If you have a single core processor, Pentium 4 or Athlon single core processor, basically anything that does not support 64 bit processing, it is time to move on.
How much ram do you have? For Windows 7 to be happy our bench mark is a minimum of 4 GB of ram. Can your machine support that much? Click here to find out.
Have you upgraded your hard drive? If your hard drive is anything less than 250 GB it might be a good assumption that it is over 6 years old, as with all mechanical parts there is a finite lifespan, hard drives slow over time and start to collect errors on the drive. Here is a great tool to run a quick check on your drive.
So here are some options for your XP machine: If it doesn’t meet the guidelines for upgrading you can always try Linux. Linux Mint and Ubuntu are two popular distributions. This option is not for the faint of heart. While Linux has come a long way, you might want to give us a call before you explore this option. If your machine is worth upgrading or can have a few simple cost effective upgrades to have it work well with a new version of Windows, then you need to choose between Windows 7, which is more similar to XP, or Windows 8, which, while it has grown on me, I still receive regular feedback on from clients who are less than thrilled with the new user interface. Whatever route you take, be sure to back up your data files before making any changes to your system.
For everything there is a season, and that certainly rings true for computers and technology. Windows XP, first released in August 2001, turned out to be a huge hit for Microsoft and a relatively stable operating system for the following decade. It was the most widely adopted computing platform ever released up to that point. Its simple and relatively logical interface, improved plug and play detection and great hardware support made it a favorite of millions.
As of April 8th 2014 Windows XP enters End of Life status, what that means to the average user is that the patches that keep the operating system secure will cease. Over the last 2 years I have been moving customers to the Windows 7 platform, especially business users. While Windows 8 continues to grow on me, I am still not a huge fan and prefer the straight forward desktop based interface that we have grown proficient at navigating.
Some customers still drag their feet; there are many businesses that are scraping by and do not have the capital investment for an IT makeover. With residential customers I have been giving them the EOL talk and what that means moving forward. Most systems that came preloaded with XP are getting rather outdated at this point: aside from slower single core processors, the amount of RAM is usually insufficient. There are situations where it makes sense to upgrade current hardware to Windows 7: if you have a system that has been upgraded over the years, has a dual core processor and 4+ GB of RAM and a hard drive that is not older than 5 years.
New systems can still be purchased with Windows 7 but usually need to be ordered as the big box stores have long since gone to Windows 8. For you small office, home office users, it is time to move on. If your computer is connected to the internet when support ends, all bets are off.
The holiday season is a time of good will, but it also attracts a crowd decidedly lacking in that spirit.
“Holidays, like disasters, are a common time for scams to increase,” said Ed Mierzwinski, director of the consumer program at the U.S. Public Interest Research Group.
With the convenience of online shopping, consumers need to consider the possibility of identity theft. Other holiday rip-offs might not seem as obvious — disguising themselves through advertisements, fake charities or gift cards — but they are a threat nonetheless.
According to an October National Retail Federation survey, one-quarter of consumers plan on completing 26% to 50% of their holiday shopping online this year. Mierzwinski recommends the use of credit cards — not debit cards — when shopping online.
If someone is a victim of identity theft using a credit card, they still will have to undergo an investigation to validate the fraud, but they won’t lose the money in their account.
“You have more rights by law with a credit card than a debit card,” Mierzwinski said.
Other important tips:
Be careful with gift cards: Consumers need to act cautiously because scammers can copy or use portable scanners to get the code of a gift card and place it back on the rack. When consumers purchase the cards and activate them, the thieves can discover the values and take advantage online or in stores.
Make sure your shopping sites are legit: National Consumers League executive director Sally Greenberg said consumers should check the legitimacy of online shopping websites, especially when buying from unknown stores, and read the return policies.
Be wary of cut-rate pricing: Online advertisements for merchandise priced well below the product’s typical cost are a trick used by scammers looking to get personal identification from consumers or to install malware — software that performs unwanted tasks and gathers private information — on their computers.
As a precaution, said John Breyault, a consumers league vice president who specializes in telecommunications and fraud policy, people should have their antivirus software up to date when shopping online.
Watch out for charity scams: Phone calls and websites can solicit information from donors by posing as charities, and then steal from those who fall for the trap.
Mierzwinski said potential donors should use websites to check the legitimacy of charities, including GuideStar USA Inc. (www.guidestar.org) and CharityWatch (www.charitywatch.org). Fraudulent charities can disguise themselves by using names and Web addresses similar to real ones.
In terms of phone calls and emails from charities, Breyault recommended hanging up and deleting the emails. “If you’re thinking about donating to a charity,” Breyault said, “go to that website on your own.”
Cryptolocker continues to spread havoc on unprepared and unprotected computer systems throughout the world. Thousands of business and residential users are either losing their data or paying a ransom to retrieve their files. To update where we are some five weeks from our last report, the virus continues to evolve. While the evolution of viral infections is not unheard of, the mutations usually come in the form of copy cats, the copy cats change the file slightly to avoid detection and often change the user interface along with creating different ransom destinations. What differs with Cryptolocker is the fact that the virus infection is treated as a business. The secret to the scam succeeding is that they have to actually provide the decryption service or no one would ever pay. Without the decryption the business plan falls apart. This is a much more sophisticated attack that is making them millions.
The evolution comes in maximizing the chance that the victims will pay up. Here are things that can sabotage their scheme and how they deal with them.
If your computer is infected and your data files encrypted here is how things go. After encryption you are presented with a desktop wallpaper that looks similar to this.
[Image: cryptolocker wallpaper]
Things that can go wrong at this stage are:
1. Your antivirus program can remove the virus. While this sounds good, in this situation it is just the opposite. Your files are still encrypted and your pathway to be able to pay the ransom has been deleted.
2. You try and do a system restore or otherwise alter the system state of the computer to remove the virus. This has the same result as number one.
The program states you have 72 hours to pay by either Bitcoins or Western Union Moneypack. Both of these forms allow the recipient to remain anonymous. If the 72 hours has passed and you do not make payment they claim that the key needed to decrypt your files will be deleted.
As the developers saw potential “loss in sales” due to these variables they added some additional features to their extortion program.
There is a link on the desktop wallpaper to make payment as well as to download a new copy of the virus should you find yourself encrypted but uninfected due to scenarios 1 or 2.
While it is a contradiction to their stated policy of deleting the key after 72 hours, they have graciously provided a new “service” whereby you upload one of your encrypted files and the system will scour their database to find the missing key to allow you to decrypt your files. Naturally for providing such a level of customer service there will be an increase in the ransom from $300 to $2000. Ouch!
In the last five weeks there have been some developments in how we try to prevent disaster from striking.
The first course of action is a cold back up, identify the key data files that need to be saved and back them up to an external source that can be detached from the system.
Next make sure that all your systems are thoroughly patched and updated, now more than ever is a great time to move away from Windows XP systems which will reach end of life next year, to a Windows 7 or 8 system which offers much greater security.
Education! Everyone in your home or company needs to be keenly aware of potential scams, bogus emails, unsafe surfing habits and what to look for to stop an infection before it can open a door for crypto locker.
Malware protection, make sure you have adequate protection against virus and spyware. Free programs at this point are not cutting it. Not only must you have active antivirus but the definitions need to be updated and the protection modules need to be enabled.
Traditional virus programs as of this writing are hit or miss. The nature of crypto locker is to dupe you into installing it. In this scenario it bypasses many of the current security programs.
Computer Doctor of Hampden has helped support the development of a specific software program that closes a big hole and has the potential to stop cryptolocker and many other malicious programs in their tracks. What makes this software different is that it prevents the malware from being able to install itself. We own the rights to brand and distribute the software and have kept the price point very low to give you a fighting chance should this malware strike you, your family or your business.
Crypto Inoculator creates over 200 group policy rules that block crypto locker from installing. The system requires installation and configuration by one of our technicians. This allows software that is desirable to continue to work, and ensures that there are no active infections currently on your system. After the virus check, the process of whitelisting takes a few minutes and the whole procedure can be done via remote connection to our office in Hampden. The software runs daily updates and can be configured to send you or one of our technicians an email if the crypto inoculator blocks a file. This notification will give us insight into what has caused the security breach and how to avoid it in the future. Computer Doctor of Hampden offers unparalleled, secure, remote service done locally.
This changes everything in my book. At Computer Doctor we deal with all types of virus infections every day. This one demands proactive measures or many will lose their documents and pictures permanently. Scared? You should be, and here is why. Ransomware takes control of your computer, denies you access and demands payment to resolve the issue. Two examples are the Rogue antivirus programs, which masquerade as an antivirus program and demand payment to remove the infection. Of course the program itself is the infection, and when you pay, your credit card information can be hijacked and the infection stays. The other example is the FBI or Moneypack Virus. This also locks your computer and states that you have violated a number of federal regulations and demands payment to unlock your computer. These can be very real looking and I have dealt with a number of people who have “freaked out” when they saw this. We see these infections every week and have a number of strategies to restore your computer and keep your data intact.
The Cryptolocker is a horse of a different color. The infection encrypts your files so you can no longer access them. These file types include but are not limited to: 3fr, accdb, ai, arw, bay, cdr, cer, cr2, crt, crw, dbf, dcr, der, dng, doc, docm, docx, dwg, dxf, dxg, eps, erf, indd, jpe, jpg, kdc, mdb, mdf, mef, mrw, nef, nrw, odb, odm, odp, ods, odt, orf, p12, p7b, p7c, pdd, pef, pem, pfx, ppt, pptm, pptx, psd, pst, ptx, r3d, raf, raw, rtf, rw2, rwl, srf, srw, wb2, wpd, wps, xlk, xls, xlsb, xlsm, xlsx
The only way as of now to unlock the files is to pay. There is no way at this point to get around the encryption. It is a powerful tool and when used against you there is no way to unlock your files. Game over, do not pass go, do not collect $200. Yikes!
So how do you deal with it when it happens? At this point there are no simple solutions. If the files are encrypted it is too late. The virus will start a timer giving you X amount of time to complete the payment and get the key. If you do a system restore you will lose the chance to retrieve the encryption code and your files are locked forever. In some cases there are some decryption tools that may or may not help.
Frankly this is sickening, I hope this does not get as rampant as other infections because the potential is there for catastrophic damage to business systems and the personal memories we hold dear being placed in jeopardy.
Here is a segment done by our friends @ TWIT that spells it out :
http://youtu.be/qBXrncdEifo
Email is still a huge entrance for many viral infections. Recently a particular client of ours opened the email and clicked the download attachment link because the client was actually expecting files to be sent to him via email. It’s an especially dangerous situation in a business atmosphere, where the majority of the work is being completed on computers.
One client who became infected stated an email arrived claiming a file was enclosed via Xerox file transfer, which most likely does not exist, or is not widely available to the public. This is the first sign of trouble: never click a link in an email that is vague, or is delivered via an “outside” third party with no personal name attached to it. Be wary of emails claiming to contain tracking information. Reports have stated that UPS, FEDEX and DHL were named in bogus emails containing cryptolocker in the message. If this occurs in your email, delete it immediately. Don’t be duped by bogus emails. Be careful of all emails, even ones from people you know. File attachments are still the number one source of email based virus infections, so read and think twice before you open any email attachment. We have also heard of emails that contain pdf files and are described as customer service messages or reports. Clearly this is targeting the business sector, which has deeper pockets and a greater potential of revenue loss from data loss. This is one of many ways the virus is finding its way into your system.
The only way to protect your data is via a cold back up. An external drive needs to be connected and all files that need to be safe should be copied onto the drive and then the drive disconnected from the machine. Unless this is done there is no way to be 100% sure that your data is safe. Online back up programs can copy and replace your known good files with the encrypted ones. You won’t know the damage is done until you try to open them, and how often do you open older documents and pictures? The encryption process is hidden until complete and then the ransom appears. These infections can run rampant through a network and encrypt files on your server and jump to other workstations. A nightmare!
There are variants to every virus. Some of these can be hoaxes and not encrypt anything, some will work as planned and by paying you will be sent a key. The worst situation is your files will be encrypted and you pay and don’t receive the key.
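The risk described above, a backup run overwriting known good copies with encrypted ones, can be checked for before the backup starts. The following Python script is an added example, not part of the original post and not Computer Doctor's software: it reads the first bytes of files whose extensions appear in the list earlier on this page and holds the backup when too many no longer start with the header their type requires. The function names, the 5% threshold and the sample files are assumptions made for the example.

```python
import os
import tempfile

# Leading bytes ("magic numbers") of common document containers.
OLE2 = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"  # legacy Office (doc/xls/ppt)
ZIP = b"PK\x03\x04"                           # OOXML and OpenDocument
RTF = b"{\\rtf"
JPEG = b"\xff\xd8\xff"

# Expected headers for a subset of the extensions listed in the post.
# Password-protected OOXML files are wrapped in OLE2, and Word sometimes
# stores RTF content under a .doc name, so those alternatives are accepted.
SIGNATURES = {
    "jpg": (JPEG,), "jpe": (JPEG,),
    "doc": (OLE2, RTF), "xls": (OLE2,), "ppt": (OLE2,),
    "docx": (ZIP, OLE2), "docm": (ZIP, OLE2), "xlsx": (ZIP, OLE2),
    "xlsm": (ZIP, OLE2), "xlsb": (ZIP, OLE2), "pptx": (ZIP, OLE2),
    "pptm": (ZIP, OLE2), "odt": (ZIP,), "ods": (ZIP,), "odp": (ZIP,),
    "rtf": (RTF,), "psd": (b"8BPS",), "pst": (b"!BDN",),
}


def header_ok(path):
    """True/False if the extension is in SIGNATURES, None if it is not."""
    ext = os.path.splitext(path)[1].lower().lstrip(".")
    expected = SIGNATURES.get(ext)
    if expected is None:
        return None
    with open(path, "rb") as fh:
        head = fh.read(8)
    return any(head.startswith(sig) for sig in expected)


def scan_tree(root):
    """Return (files checked, sorted list of files with the wrong header)."""
    checked, suspect = 0, []
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            try:
                ok = header_ok(path)
            except OSError:
                ok = False  # unreadable files are worth a look too
            if ok is None:
                continue
            checked += 1
            if not ok:
                suspect.append(path)
    return checked, sorted(suspect)


def safe_to_back_up(root, max_suspect_ratio=0.05):
    """Hold the backup when too many known file types have lost their header."""
    checked, suspect = scan_tree(root)
    ratio = len(suspect) / checked if checked else 0.0
    return ratio <= max_suspect_ratio, suspect


def build_sample_tree(root):
    """Constructed sample data: two intact files, two overwritten ones."""
    scrambled = bytes(range(0x80, 0xA0))  # stands in for encrypted content
    samples = {
        "photos/beach.jpg": JPEG + b"\xe0\x00\x10JFIF\x00",
        "docs/letter.docx": ZIP + b"\x14\x00\x06\x00",
        "docs/budget.xlsx": scrambled,
        "docs/report.doc": scrambled,
        "docs/notes.txt": b"plain text, extension not in the table",
    }
    for rel, data in samples.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(data)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        ok, suspect = safe_to_back_up(tmp)
        print("safe to back up:", ok)
        for path in suspect:
            print("header mismatch:", os.path.relpath(path, tmp))
```

When the check fails, leave the previous backup untouched and investigate the flagged files before running the backup again.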
Here is our current recommendation:
Purchase an external hard drive and back up all your files ASAP, if you need help contact us and we can take care of this for you.
Make sure your operating system is up to date and all web players and software packages are updated: Java, Adobe Flash, etc.
Make sure your antivirus program is updated and actively scanning your system.
Make sure you have a firewall installed.
Think before you click a web link or open an email.
For business users, how are you protecting your data, and do your employees have the access to infect your network by accident?
If you see the cryptolocker icon appear on your desktop, do not ignore it! Disconnect the computer from your network first and then call a professional for help and guidance. We will update the blog with more information as it becomes available. Please call or email with questions. Back up now, this is not to be ignored!
The adage ” there is no free lunch” rings true on the internet even more than you can imagine. We are continually bombarded with opportunities to al...
Is your personal information and data worth the best protection and security services available? Of course it is! Computer Doctor is proud to now offer remote sup...